Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts rising sharply over the past year. That growth brings a parallel increase in exposure. Mean vulnerabilities per codebase climbed from 280 to 581 in one year, more than doubling. Median vulnerabilities also rose. … More → The post Open-source security debt grows across commercial software appeared first on Help Net Security.